Best Free Hard Drive Eraser

Introduction

We've all heard the horror stories about someone buying a used hard drive at a flea market or garage sale and then finding tons of personal data left on the drive by the previous owner.

Or even worse, people getting their credit trashed by ID thieves that make their living by taking that information and using it to wipe you out financially.

"That would never happen to me," you say. "I'll delete all the files first" or "I'll re-format the drive before I trade it in or sell it." Not so fast there Scooter! That data you think you erased is still stored on the drive.

When you delete a file it isn't really removed from the disk. The file content remains on the disk until another file is written over it. Basically the same thing happens when you re-format a hard drive. Most of the data remains; the space on the drive is just made available to be written over.

To be as safe as possible, you must overwrite, erase or wipe both the free space and slack space, also the Windows swap file (a.k.a page file) that could contain private data and you wouldn't want to have fallen into the wrong hands.

Works with any drive, including IDE, SCSI and RAID, and CD-RWs. Excellent for scheduling, rich features, and has good help and forum support. Gives informative reports, noting any unerased files/cluster tips.

Heavy on system resources, starts slower than FileShredder, the scheduler is of minimal usefulness for resource conscious users, and some forum posters have criticisms of its new interface.

Works with any drive, including IDE, SCSI and RAID, and CD-RWs. Excellent for scheduling, rich features, and has good help and forum support. Gives informative reports, noting any unerased files/cluster tips.

Heavy on system resources, starts slower than FileShredder, the scheduler is of minimal usefulness for resource conscious users, and some forum posters have criticisms of its new interface.

EraserDrop: From Erik Pilsits at PortableApps.com and the team behind Eraser, this flexible portable app sits on the desktop to allow for quick drag and drop erasing. It also performs free space wiping. Supports Windows 2000/XP/Vista/7.

UltraShredder: It's small, easy to use, and will work from a USB flash drive. Supports Windows XP/2000/98/98SE.

Related Topics and Information

How Does Your System Delete A File?

When you delete a file it isn't really removed from the disk. The operating system (OS) only removes the reference to the file from the file allocation table. This is like going into a book or magazine and removing a chapter reference from the table of contents. The actual chapter is still in the book. The only thing removed was the page number reference in the table of contents. With the file location reference removed the OS now sees that disk space as being available for use.

The DOS and Windows file systems use groups of disk sectors, known as clusters, to store data. These clusters are of a fixed size which is normally determined by the size and number of partitions of the disk volume itself and the file system being used. If the data you're storing requires less space than a full cluster, the entire cluster is still reserved.

For example, you've saved a file that required 15.5 clusters of drive space. Because the OS can't reserve a half cluster, the allocation table had to reserve 16 whole clusters for the file. That remaining half cluster that was not used may still contain data from a previous file. That unused half cluster is known as "slack space".

Data recovery programs can read slack space and retrieve the data stored there. Even worse, let's say the file system places your 15.5 cluster file over the "unused" area of a deleted file that originally took up 35 clusters. More than half of the previous file would still be retrievable! You could have thousands of clusters on your hard drive (a.k.a free space) that contain data you thought was deleted! Scary thought, huh?

To test this idea, use a data recovery utility (such as Recuva or PC Inspector File Recovery) and see if it recovers any files.

You can also use recovery programs to check whether an erasing program successfully overwrites your data. Some data gets nicely erased down to 0 bytes, some mixes with other random data to create files of nonsense information, some fails to get erased (whether because it's in use or it's in a protected area), and some are more difficult and require free space wiping. Very little of consequence is leftover after free space wiping on modern drives.

How Do You Erase Free Space?

For wiping the free space on large hard drives, a single pass of random data should be more than sufficient (NIST Guidelines, CMRR, Wright -- all cited for easy reference at Wikipedia).

The best policy is to wipe the free space regularly. I find almost nothing after a full free space wipe on a sizable drive. With just a single pass of random data, PC Inspector File Recovery only finds 0 byte nonsense files, or many nonsense files full of useless random data in my testing.

But on smaller drives eraser programs tend to leave behind more files of random data, and the data may be recoverable to varying degrees depending on the quality of the erasing pattern.

Since free space wiping takes so long, you may want to use file shredding in the meantime. For individual files and folders, note that the files can't "hide" as easily with an entire drive of erased random data, and some devices use wear leveling that may interfere with the effectiveness of wiping.

Erasing the Page File isn't a normal feature of eraser programs. You can easily set Windows to delete it at shutdown with a registry setting (remember to backup the registry before making changes to it). These programs set the registry for you to automatically delete it at shutdown: Ultimate Windows Tweaker, XP-AntiSpy, or Microsoft Fix It. But you can also encrypt the paging file. You can encrypt it with Ultimate Windows Tweaker, with registry or Local Group Policy changes (see Seven Forums), or from a Command Prompt:

If you need to erase a drive before getting rid of it, then Darik's Boot and Nuke (DBAN) is designed for wiping an entire drive, but be ready to spend time installing and updating windows from scratch afterward.

Do You Need to Use 35 Passes?

The quick answer is "no." In the epilogue to Peter Gutmann's secure deletion paper, he notes the importance of huge hard drive sizes and the use of perpendicular recording on modern computers. He compares the thinking behind the wide use of his Gutmann 35 pass erase method to the belief in voodoo:

In the time since this paper was published, some people have treated the 35-pass overwrite technique described in it more as a kind of voodoo incantation to banish evil spirits than the result of a technical analysis of drive encoding techniques... It will have no more effect than a simple scrubbing with random data. In fact performing the full 35-pass overwrite is pointless for any drive... If you're using a drive which uses encoding technology X, you only need to perform the passes specific to X, and you never need to perform all 35 passes. For any modern PRML/EPRML drive, a few passes of random scrubbing is the best you can do. As the paper says, "A good scrubbing with random data will do about as well as can be expected". This was true in 1996, and is still true now.

Looking at this from the other point of view, with the ever-increasing data density on disk platters..., it's unlikely that anything can be recovered from any recent drive except perhaps a single level via basic error-canceling techniques. In particular the drives in use at the time that this paper was originally written have mostly fallen out of use, so the methods that applied specifically to the older, lower-density technology don't apply any more. Conversely, with modern high-density drives, even if you've got 10KB of sensitive data on a drive and can't erase it with 100% certainty, the chances of an adversary being able to find the erased traces of that 10KB in 80GB of other erased traces are close to zero.

Why Would Anyone Want to Erase?

Identity theft is not pure paranoia. Someone could recover personal information from a computer you just sold or from a stolen computer, or perhaps even from malware. It would be very weird to shred all your paperwork and then treat your computer as a secret lock box. It's probably more likely for someone to recover your data electronically than to come to your house and look through your trash!

If I delete something, I may actually want it deleted. Isn't it silly to throw something in the trash and then not take it out? Sometimes a file you delete will get overwritten, but it's not guaranteed and it may still be partially recoverable. Many file/drive cleaners now include secure erasing features, such as CCleaner, Revo, and most All-in-One cleaners. For these programs, erasing is just a natural extension of deleting files.

I've found erasing very useful in partitioning since the built-in windows tools won't partition unless it detects enough extra free space. After erasing, I was suddenly able to partition my drive the way I wanted.

I've seen some types of software regenerate. I've tried to delete files before and found them risen from the dead right after a restart. But not after erasing! Erasing might even prevent malware from using the same technique, but I'm not sure any exists that could.

Many people like the idea of protecting their privacy. In the US, for example, liberty can only be removed after a due process of law (personal privacy isn't explicitly mentioned in the US Constitution, but it's inferred from the two due process clauses in the 5th/14th Amendments -- that all people have a right to life, liberty, property -- and the 4th Amendment search and seizure protections).

Some organizations are required by law or policy to erase data; however, some of them use more extreme measures!

Editor

This software category is in need of an editor. If you would like to give something back to the freeware community by taking it over, check out this page for more details, or contact us by clicking here.

I came here hoping to find a low-level format freeware that can be used in windows XP.
I know linux has such a tool, as explained by Demoidemo, but i'm not really comfortable enough yet in linux to start low-level formating an old ide drive that i want to give.

From what i saw in diagonal reading here, it's secure file deletion freeware, not zeroing the drive, just writing random stuff. I'm guessing the partitions and mbr stay untouched.

What are others' experiences in using various secure erasing tools (reviewed here, or others), then using various data recovery tools?

If individual files or folders are erased (say, on small partitions, where they'd be easier to ID, if anything is recovered), is any data at all readable by some recovery tools? Even if file names are replaced w/ random characters & file content, if any, is random data?

Or - at least w/ some erasing tools - is there no trace that the files ever existed?

Erasing some test files, using single pass, pseudo random data in Eraser (recent 6.2.x / 6.1.x nightly builds), and Shredder 2.5, the free recovery tools I've tested show nothing for the erased files. That's good... if it's an accurate result. What one will / won't see or be able to detect, after running erasing tools, then using recovery tools, is rarely discussed in the erasing tools' documentation.

If nothing's detected / shown by recovery tools, it may be there's nothing TO detect, or it may mean the recovery tools aren't doing a thorough job.